Sampling of Cybersecurity Predictions 2017

’Tis the season to predict what’s going to happen in 2017. Here’s a sampling:

Booz Allen Hamilton has issued its Foresights: Cyberthreat Analysis 2017.

Here are some takeaways:

  • Enterprise Environments Provide Most Fertile Territory for Aspiring Ransomware Operators
  • Beyond Distributed Denial of Service—Internet of Things as an Enabler of Expanded Network Compromise
  • China’s Cyber-Espionage to Ramp Back Up in 2017 as New U.S. Administration Takes Power
  • The Gradual Decline of POS Malware in Favor of E-Commerce Focused Malware

Read the report here with all Booz Allen Predictions for 2017

Palo Alto Networks has weighed in with cybersecurity predictions from its research center. 

  • 2017 Cybersecurity Predictions: IoT Security Flaws Awareness Will Be Magnified

In this post, Palo Alto offers four changes—two sure things and two long shots—that security professionals might see in 2017.

Sure Things:

  • Rapid Consolidation in the Endpoint Security Market

According to the research firm Cybersecurity Ventures, there were more than three dozen vendors and startups in the endpoint security market in 2016. For an evaluator or buyer of security products, that’s too many options, too many disparate approaches, and too much confusion – clear signs of saturation in any market.

  • Dramatic Increase in Use of Exploit Kits

Recent research from Unit 42, the Palo Alto Networks threat intelligence team, outlined the three main reasons cybercriminals continue to rely heavily on exploit kits:

  • Exploit kits present cyber attackers with a much stealthier option for infecting Windows hosts with malware.
  • The exploitation process is automatic.
  • Criminals can use exploit kits to essentially outsource malware distribution.

In other words, exploit kits turn cyberattacks into an automatic, outsourced, and scalable operation for criminals.

Long Shots:

  • Marked Increase in macOS-based Malware

In March 2016, Unit 42 discovered KeRanger, the first instance of a macOS-based ransomware. Since then, the team has discovered several new types of malware exclusive to macOS. This is not a surprising trend – what’s surprising is that it took so long.

  • Increased Awareness of IoT Security Flaws

The proliferation of the Internet of Things (IoT) is already underway. According to the research firm Gartner, there were an estimated 6.4 billion IoT devices in use in 2016. The firm forecasts that there will be over 20 billion connected IoT devices by 2020. Despite the large number of devices, IoT security still seems to be an afterthought.

Read the full post here.

Here’s another set of sure-thing and long-shot predictions from Palo Alto regarding the financial sector.

Two Sure Things

Growing Adoption of Public Cloud – The financial services industry is the final frontier for public cloud computing. After years of saying it will never happen due to information security concerns, the industry has slowly warmed up to the use of the public cloud.

Common Use of Multi-Factor Authentication (MFA) – As we saw with the recent fraudulent transactions at several SWIFT member banks, legitimate login and password credentials were somehow stolen and used to initiate fund transfers. This basic authentication technique is prone to compromise and allows account takeover (ATO) attacks. Financial institutions will finally take note and adopt more robust MFA techniques.

Two Long Shots

Broad Implementation of Zero Trust Networks – Forrester Research first introduced the Zero Trust (ZT) model in 2009, but as of the end of 2016, implementations are still not widely seen. Conceptually, the information security value of restricting traffic to only known, legitimate flows between various portions of the network is difficult to refute. Any malicious activity will then be constrained by the nearest segmentation gateway.

Blockchain Opens Another Attack Vector

Vulnerabilities in nascent implementations of blockchain technology will be discovered by malicious actors who will exploit them in an effort to compromise the security and confidentiality of financial transactions in 2017.

Read the entire article here.

From Security Intelligence

Industries such as energy and utilities, manufacturing and supply chains have remained relatively isolated from major cyber attacks. This is about to change. – Michael Kehoe, WW Program Director, IBM

Read more

From TechRepublic

Cyber-offense and cyber-defense capacities will increase – Mark Testoni, CEO at SAP’s national security arm, NS2

We will see an increased rate of sharing of cyber capabilities between the commercial and government spaces. Commercial threat intelligence capabilities will be adopted more broadly by organizations and corporations… High performance computing (HPC), in conjunction with adaptive machine learning (ML) capabilities, will be an essential part of network flow processing because forensic analysis can’t stop an impending attack.

Ransomware and extortion will increase – Stephen Gates, chief research intelligence analyst at NSFOCUS

The days of single-target ransomware will soon be a thing of the past. Next-generation ransomware paints a pretty dark picture as the self-propagating worms of the past, such as Conficker, Nimda, and Code Red, will return to prominence—but this time they will carry ransomware payloads capable of infecting hundreds of machines in an incredibly short time span.

Industrial IoT hacks will increase – Adam Meyer, chief security strategist at SurfWatch Labs

IoT security threats have been talked about, but not really worried about by most because a serious incident had yet to occur. With the 2016 DDoS attack on Dyn, and the ripple effect it created, we will see more scrutiny on security within the IoT marketplace. Vendors will work in new security precautions, but at the same time, criminals will also increase their attention on new ways to leverage IoT devices for their own malicious purposes.

Read more

From the UK’s ITProPortal

Resilience and recovery will become commercial differentiators

Cyber-attacks are now so powerful that only a fool will claim to be invulnerable. Even the smartest organization can be hit by an attack, so in 2017 the differentiating factor is how they deal with it.

Global clients will demand to inspect their supply chains’ data security

Most organisations already realise that their sensitive data is held in their supply chain as well as internally. There is often a stark gulf between what organisations expect of their suppliers and the contractual obligations they impose on them. As awareness of cyber security risks grows, we are starting to see global businesses seek demonstrable proof of data security competence from key professional advisers such as law firms, accountancy practices and business consultancies.

Read more